Hi,
I'm working on a simple security service for enterprise application, and one of the
requirements is to be able to determine list of application roles (composites, if I get
the vocabulary right) for each user that has successfully signed in. User credentials are
naturally acquired from session token.
According to the REST API docs, you can acquire list of application roles for a given
realm role with the following request:
/admin/realms/{realm}/roles/{realm_role}/composites
It turns out however that in order to be successfully executed, this request requires the
user to have "manage-realm" effective role assigned. This will naturally be the
case only for admin users.
So I'd much appreciate if you could tell whether there is a way (using REST API or
User/RoleRepresentation objects) to get list of application roles for a given realm role
without the need of having "manage-realm" role assigned.
Thank you in advance for your help.
Best Regards,
Maciej Szewczykowski
Java Developer
________________________________
T +44 01628 539 800
E firstname.lastname(a)pjmedia.co.uk
PJ Media Limited,
Plac Wolności 21, 05-825
Grodzisk Mazowiecki, Warsaw, Poland
[
Brandpath]<http://www.brandpath.com/>
PJ MEDIA LIMITED | Registered in England and Wales no. 04946760 | Registered Office:
Network House, Third Avenue, Globe Park, Marlow, Buckinghamshire, SL7 1EY, United Kingdom
| Web site:
http://www.pjmedia.co.uk
The contents of this message and any attachments to it are confidential and may be legally
privileged. If you have received this message in error you should delete it from your
system immediately and advise the sender. To any recipient of this message within PJ
Media, unless otherwise stated, you should consider this message and attachments as PJ
Media confidential.
PJ MEDIA LIMITED,
Registered in England no. 04946760
Address: Network House, Third Avenue, Globe Park, Marlow, SL7 1EY, United Kingdom